<?php
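	// Access gate for the whole page: only a session whose role is exactly the
	// string "admin" may continue; everyone else is sent back to the site index.
	session_start();
	// Strict comparison on purpose: with the loose != used before, an integer 0 stored
	// in the session compares equal to "admin" on PHP < 8 and would pass the gate.
	if (!isset($_SESSION['role']) || $_SESSION['role'] !== "admin") {
		header("Location: /index.php");
		exit;
	}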
	
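	// Open the ext/mysql connection that every query on this page uses.
	// NOTE(review): the database password is hard-coded in a source file that lives in the web tree;
	// anyone who can read the file (repository access, a backup copy, a handler that serves .php as
	// text) obtains it. Rotate it and load it from configuration kept outside the document root.
	// NOTE(review): the mysql_* extension was removed in PHP 7; mysqli or PDO with prepared
	// statements is the durable replacement for the escaping done further down.
	$conn = mysql_connect("", "piedu_user", "q&&^%@8ezO8+");
	if (!$conn || !mysql_select_db("piedu_db", $conn)) {
		// Keep the driver's message in the server log only; the client gets a bare 500 so
		// no connection detail leaks and no query below runs against a dead link.
		$detail = $conn ? mysql_error($conn) : "connect failed";
		error_log("items admin: database unavailable: " . $detail);
		header("HTTP/1.1 500 Internal Server Error");
		exit;
	}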
	
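	// Request dispatcher for item maintenance. Exactly one branch runs, in this order:
	//   GET  action=delete&id=N  -> delete the row, redirect to the list
	//   GET  action=edit&id=N    -> load the row into $item for the form rendered below
	//   POST action=add          -> insert a row, store the optional picture, redirect
	//   POST action=update       -> update a row, redirect
	// Every request value is treated as untrusted: ids must be plain digit strings, and every
	// column value is escaped with mysql_real_escape_string() and placed inside a quoted literal.
	// NOTE(review): escaping is only safe inside quotes and depends on the connection charset;
	// confirm the charset is set on $conn, or move to prepared statements.
	// NOTE(review): none of these state-changing actions checks an anti-CSRF token, and delete is
	// reachable through a plain GET link, so any page an admin visits can trigger it. A per-session
	// token plus POST-only delete needs matching changes in the forms and in items.php.
	$get_action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : "";
	$post_action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : "";
	$digits_only = '/\A[0-9]+\z/';

	// Escaped copies of the item columns, built once for the two POST branches.
	// Missing or non-scalar fields (e.g. sku[]=x) become the empty string.
	$v = array();
	if ($post_action === "add" || $post_action === "update") {
		$item_fields = array("sku", "description", "long_description", "price", "category", "combo", "combo_sku", "combo_price");
		foreach ($item_fields as $field) {
			$raw = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : "";
			$v[$field] = mysql_real_escape_string($raw, $conn);
		}
	}

	if (array_key_exists("id", $_GET) && $get_action === "delete") {
		// The id used to be interpolated raw into the DELETE; accept digits only.
		if (!is_string($_GET['id']) || !preg_match($digits_only, $_GET['id'])) {
			header("Location: items.php?notfound=true");
			exit;
		}
		$id = $_GET['id'];
		if (!mysql_query("DELETE FROM items WHERE id = $id", $conn)) {
			error_log("items admin: DELETE failed: " . mysql_error($conn));
		}
		header("Location: items.php?deleted=true");
		exit;
	} else if (array_key_exists("id", $_GET) && $get_action === "edit") {
		$query = false;
		if (is_string($_GET['id']) && preg_match($digits_only, $_GET['id'])) {
			$id = $_GET['id'];
			$query = mysql_query("SELECT * from items WHERE id = $id", $conn);
		}
		// A malformed id, a failed query and an unknown id all end at the same redirect.
		if (!$query || mysql_num_rows($query) < 1) {
			header("Location: items.php?notfound=true");
			exit;
		}
		// Numerically indexed row; the edit form below reads columns 0..8 from it.
		$item = mysql_fetch_row($query);
	} else if ($post_action === "add") {
		// The start/end dates computed here before were never used (and their form fields do
		// not exist), so they are gone.
		$sql = "INSERT INTO items (sku, description, long_description, price, category, combo, combo_sku, combo_price) VALUES ('{$v['sku']}', '{$v['description']}', '{$v['long_description']}', '{$v['price']}', '{$v['category']}', '{$v['combo']}', '{$v['combo_sku']}', '{$v['combo_price']}')";
		$inserted = mysql_query($sql, $conn);
		if (!$inserted) {
			error_log("items admin: INSERT failed: " . mysql_error($conn));
		}

		// Upload the picture. The create form names the file input "item_picture"; "userfile"
		// (the name this handler read before) is still accepted as a fallback.
		$upload = null;
		foreach (array("item_picture", "userfile") as $file_field) {
			if (isset($_FILES[$file_field]) && is_array($_FILES[$file_field])) {
				$upload = $_FILES[$file_field];
				break;
			}
		}
		$sku_raw = (isset($_POST['sku']) && is_scalar($_POST['sku'])) ? (string) $_POST['sku'] : "";
		if ($inserted
			&& $upload !== null
			&& isset($upload['error'], $upload['tmp_name'], $upload['name'])
			&& $upload['error'] === UPLOAD_ERR_OK
			&& is_string($upload['tmp_name'])
			&& is_uploaded_file($upload['tmp_name'])
			// The sku becomes part of the file name: refuse anything that could leave the directory.
			&& preg_match('/\A[A-Za-z0-9_-]+\z/', $sku_raw)
		) {
			// The extension comes from the client-supplied name, so it is checked against an
			// allowlist; otherwise a ".php" upload would be written next to the images.
			$ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
			$allowed_ext = array("jpg", "jpeg", "png", "gif");
			// getimagesize() returns false when the content is not a recognisable image.
			if (in_array($ext, $allowed_ext, true) && getimagesize($upload['tmp_name']) !== false) {
				// NOTE(review): "/images/sku/" is an absolute filesystem path, not a path under the
				// document root - confirm this is the intended destination.
				$file_name = "/images/sku/" . $sku_raw . "." . $ext;
				if (!move_uploaded_file($upload['tmp_name'], $file_name)) {
					error_log("items admin: could not store picture for sku " . $sku_raw);
				}
			}
		}

		header("Location: items.php?added=true");
		exit;
	} else if ($post_action === "update") {
		if (!isset($_POST['id']) || !is_string($_POST['id']) || !preg_match($digits_only, $_POST['id'])) {
			header("Location: items.php?notfound=true");
			exit;
		}
		$id = $_POST['id'];

		$assignments = array();
		// The edit form renders SKU as a disabled input, which browsers do not submit. Only touch
		// the column when a value arrived; before, the statement read "sku = ," and always failed.
		if (array_key_exists("sku", $_POST)) {
			$assignments[] = "sku = '{$v['sku']}'";
		}
		$assignments[] = "description = '{$v['description']}'";
		$assignments[] = "long_description = '{$v['long_description']}'";
		$assignments[] = "price = '{$v['price']}'";
		$assignments[] = "category = '{$v['category']}'";
		$assignments[] = "combo = '{$v['combo']}'";
		$assignments[] = "combo_sku = '{$v['combo_sku']}'";
		// Was written from the price field, which overwrote the combo price with the item price.
		$assignments[] = "combo_price = '{$v['combo_price']}'";

		$sql = "UPDATE items SET " . implode(", ", $assignments) . " WHERE id = $id";
		if (!mysql_query($sql, $conn)) {
			error_log("items admin: UPDATE failed: " . mysql_error($conn));
		}
		header("Location: items.php?updated=true");
		exit;
	}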

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Pie Education | Manage Items</title>
<Meta name="Author" content="Rob Keller">
<Meta name="Publisher" content="Aaron Aceves">
<Meta name="Robots" content="NOINDEX,NOFOLLOW">
<Meta name="Content-Language" content="English">
<link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
<link rel="stylesheet" href="../css/style.css" />
</head>

<body>
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td height="80" bgcolor="#FF8C00" align="center"><table width="980" border="0" align="center" cellpadding="0" cellspacing="0">
      <tr>
        <td><a href="index.php"><img src="../images/logo.png" alt="Return to Index" width="250" height="70" border="0" title="pie.edu an E-Learning Network" /></a></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td height="30" bgcolor="#000000" align="center"><a href="index.php" class="global-nav-menu" style="color:#FFF">Home </a><a href="coupons.php" class="global-nav-menu" style="color:#FFF">Manage Coupons </a><a href="promotions.php" class="global-nav-menu" style="color:#FFF">Manage Promotions </a><a href="items.php" class="global-nav-menu" style="color:#FFF">Manage Items</a><a href="manage_orders.php" class="global-nav-menu" style="color:#FFF">Manage Orders</a><a href="transactions.php" class="global-nav-menu" style="color:#FFF">Transactions Details</a><a href="#" class="global-nav-menu" style="color:#FFF">Another Menu</a><a href="#" class="global-nav-menu" style="color:#FFF">Another Menu</a><a href="#" class="global-nav-menu" style="color:#FFF">Another Menu</a><a href="/logout.php" class="global-nav-menu" style="color:#FFF">Logout</a></td>
  </tr>
  <tr>
    <td height="500" bgcolor="#FFFFFF"><table width="980" border="0" align="center" cellpadding="4" cellspacing="4">
      <tr>
        <td>&nbsp;</td>
      </tr>
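      <?php
      // Render the edit form, pre-filled from $item, when an item was loaded for editing;
      // otherwise render the empty create form.
      // $item is only set by the dispatcher at the top of the file after a successful lookup, so
      // a request with action=edit but no usable row falls through to the create form instead of
      // printing undefined-variable notices into the markup.
      // NOTE(review): neither form carries an anti-CSRF token.
      $editing = isset($_GET['action']) && $_GET['action'] === "edit" && isset($item) && is_array($item);
      if ($editing) {
          // Column values come from the database and were typed in by someone earlier; escape each
          // one for HTML before it goes into an attribute or the textarea (stored XSS otherwise).
          $cell = array();
          for ($i = 0; $i <= 8; $i++) {
              $cell[$i] = isset($item[$i]) ? htmlspecialchars((string) $item[$i], ENT_QUOTES, 'UTF-8') : '';
          }
          // Raw copies used only for comparison, never echoed.
          $category = isset($item[5]) ? (string) $item[5] : '';
          $combo = isset($item[6]) ? (string) $item[6] : '';
      ?>
      <tr>
        <td><form id="form2" name="form2" method="post" action="items_action.php">
          <table width="600" border="0" align="center" cellpadding="4" cellspacing="4">
            <tr>
              <td width="150"><strong>SKU</strong></td>
              <td><input name="sku" type="text" id="sku" value="<?php echo $cell[1]; ?>" size="30" disabled="disabled" />
                <input name="action" type="hidden" id="action" value="update" />
                <input name="id" type="hidden" id="id" value="<?php echo $cell[0]; ?>" /></td>
            </tr>
            <tr>
              <td><strong>Description or Name</strong></td>
              <td><input name="description" type="text" id="description" value="<?php echo $cell[2]; ?>" size="30" /></td>
            </tr>
            <tr>
              <td><strong>Long Description</strong></td>
              <td><label for="long_description"></label>
                <textarea name="long_description" id="long_description" cols="45" rows="3"><?php echo $cell[3]; ?></textarea></td>
            </tr>
            <tr>
              <td><strong>Price</strong></td>
              <td><input name="price" type="text" id="price" value="<?php echo $cell[4]; ?>" size="10" /></td>
            </tr>
            <tr>
              <td><strong>Category</strong></td>
              <td><label for="category"></label>
                <select name="category" id="category">
                  <option value="products"<?php if ($category === "products") { echo ' selected="selected"'; } ?>>Products</option>
                  <option value="banners"<?php if ($category === "banners") { echo ' selected="selected"'; } ?>>Banners</option>
                  <option value="apps"<?php if ($category === "apps") { echo ' selected="selected"'; } ?>>Apps</option>
                </select></td>
            </tr>
            <tr>
              <td><strong>Combo</strong></td>
              <td><select name="combo" id="combo">
                  <option value="yes"<?php if ($combo === "yes") { echo ' selected="selected"'; } ?>>Yes</option>
                  <option value="no"<?php if ($combo === "no") { echo ' selected="selected"'; } ?>>No</option>
                </select></td>
            </tr>
            <tr>
              <td><strong>Combo SKU</strong></td>
              <td><input name="combo_sku" type="text" id="combo_sku" value="<?php echo $cell[7]; ?>" size="30" /></td>
            </tr>
            <tr>
              <td><strong>Combo Price</strong></td>
              <td><input name="combo_price" type="text" id="combo_price" value="<?php echo $cell[8]; ?>" size="10" /></td>
            </tr>
            <tr>
              <td>&nbsp;</td>
              <td><input name="Submit" type="submit" class="submit" id="Submit" value="Update Item" /></td>
            </tr>
          </table>
        </form></td>
      </tr>
      <?php } else { ?>
      <tr>
        <td><form id="form1" name="form1" method="post" action="items_action.php" enctype="multipart/form-data">
          <table width="600" border="0" align="center" cellpadding="4" cellspacing="4">
            <tr>
              <td width="150"><strong>SKU</strong></td>
              <td><label for="sku"></label>
                <input name="sku" type="text" id="sku" size="30" />
                <input name="action" type="hidden" id="action" value="add" /></td>
            </tr>
            <tr>
              <td><strong>Description or Name</strong></td>
              <td><input name="description" type="text" id="description" size="30" /></td>
            </tr>
            <tr>
              <td><strong>Long Description</strong></td>
              <td><label for="long_description"></label>
                <textarea name="long_description" id="long_description" cols="45" rows="3"></textarea></td>
            </tr>
            <tr>
              <td><strong>Choose a Picture</strong></td>
              <td><input type="file" name="item_picture" id="item_picture" /><div style="font-size:8px;color:#F00;font-style:italic">*Picture dimensions 160 x 149</div></td>
            </tr>
            <tr>
              <td><strong>Price</strong></td>
              <td><input name="price" type="text" id="price" size="10" /></td>
            </tr>
            <tr>
              <td><strong>Category</strong></td>
              <td><label for="category"></label>
                <select name="category" id="category">
                  <option value="products" selected="selected">Products</option>
                  <option value="banners">Banners</option>
                  <option value="apps">Apps</option>
                </select></td>
            </tr>
            <tr>
              <td><strong>Combo</strong></td>
              <td><label for="combo"></label>
                <select name="combo" id="combo">
                  <option value="yes">Yes</option>
                  <option value="no" selected="selected">No</option>
                </select></td>
            </tr>
            <tr>
              <td><strong>Combo SKU</strong></td>
              <td><input name="combo_sku" type="text" id="combo_sku" size="30" /></td>
            </tr>
            <tr>
              <td><strong>Combo Price</strong></td>
              <td><input name="combo_price" type="text" id="combo_price" size="10" /></td>
            </tr>
            <tr>
              <td>&nbsp;</td>
              <td><input name="Submit" type="submit" class="submit" id="Submit" value="Create Item" />
                <?php /* type="reset": as a second submit button, "Reset Form" posted the form and created an item. */ ?>
                <input name="reset" type="reset" class="submit" id="reset" value="Reset Form" /></td>
            </tr>
          </table>
        </form></td>
      </tr>
      <?php } ?>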
      <tr>
        <td>&nbsp;</td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td height="80" bgcolor="#FF9933" align="center"><a href="../index.php" class="bottom-general-menu" style="color:#FFF">Home</a> <a href="../platform.php" class="bottom-general-menu" style="color:#FFF">Platform</a> <a href="../piephone.php" class="bottom-general-menu" style="color:#FFF">Pie Phone</a> <a href="../company_training.php" class="bottom-general-menu" style="color:#FFF">Company Training</a> <a href="../jobs.php" class="bottom-general-menu" style="color:#FFF">Jobs</a> <a href="../press.php" class="bottom-general-menu" style="color:#FFF">Press</a> <a href="../community/" class="bottom-general-menu" style="color:#FFF">Community</a> <a href="../mobile.php" class="bottom-general-menu" style="color:#FFF">Mobile</a> <a href="support/" class="bottom-general-menu" style="color:#FFF">Help</a> <a href="../blog/" class="bottom-general-menu" style="color:#FFF">Blogs</a> <a href="../forums/" class="bottom-general-menu" style="color:#FFF">Forums</a><a href="../about.php" class="bottom-general-menu" style="color:#FFF">About</a> <a href="../terms.html" class="bottom-general-menu" style="color:#FFF">Terms of Use</a> <a href="../privacy.html" class="bottom-general-menu" style="color:#FFF">Privacy Policy</a> <a href="../contact-us.php" class="bottom-general-menu" style="color:#FFF">Contact Us</a></td>
  </tr>
</table>
</body>
</html>